Skip to main content

Disable WebAuthn MFA for ONTAP System Manager users

Contributors netapp-mwallis netapp-dbagwell
PDFs

As an ONTAP administrator, you can disable WebAuthn MFA for a user or group by editing the user or group with System Manager or the ONTAP CLI.

Disable WebAuthn MFA for an existing user or group

You can disable WebAuthn MFA for an existing user or group at any time.

Note If you disable registered credentials, the credentials are retained. If you enable the credentials again in the future, the same credentials are used, so the user doesn't need to re-register upon logging in.
System Manager

  1. Select Cluster > Settings.

  2. Select the arrow icon next to Users and Roles.

  3. In the list of users and groups, select the user or group you want to edit.

  4. In the MFA for HTTP column for that user, select Disabled.

  5. Select Save.

CLI

  1. Modify an existing user or group to disable WebAuthn MFA for that user or group.

    In the following example, WebAuthn MFA is disabled by choosing "none" for the second authentication method.

    security login modify -user-or-group-name <user_or_group_name> \
                     -authentication-method domain \
                     -second-authentication-method none \
                     -application http \
                     -role admin

Learn more

Visit the ONTAP manual pages for this command: